Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/bxY0me9f7LXUy4JDC4H7P7Asb_U.roa
File:                     bxY0me9f7LXUy4JDC4H7P7Asb_U.roa (raw, json)
Hash identifier:          nsH7TMF0R998WJa0LyAcG9qLMWoi7T9NQAUbl6Is5lo=
Subject key identifier:   6F:16:34:99:EF:5F:EC:B5:D4:CB:82:43:0B:81:FB:3F:B0:2C:6F:F5
Certificate issuer:       /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial:       018EBC70361F5D5BF9C710444E9C26FBDFBC
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/bxY0me9f7LXUy4JDC4H7P7Asb_U.roa
Signing time:             Mon 08 Apr 2024 06:40:54 +0000
ROA not before:           Mon 08 Apr 2024 06:40:54 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     57604
IP address blocks:        45.141.208.0/22 maxlen: 24
                          45.150.8.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 08 Apr 2024 18:25:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:bc:70:36:1f:5d:5b:f9:c7:10:44:4e:9c:26:fb:df:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
        Validity
            Not Before: Apr  8 06:40:54 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6f163499ef5fecb5d4cb82430b81fb3fb02c6ff5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:8b:97:8a:82:ec:8e:6b:41:74:ad:a6:dd:a0:
                    16:3e:b2:bb:55:2c:77:a4:0b:74:63:c2:84:af:c7:
                    18:66:26:61:a2:0b:96:c3:d5:2e:0a:06:77:e8:90:
                    68:50:0d:b9:4a:5d:95:ad:3e:ee:bd:f7:89:19:07:
                    d7:f4:eb:89:0f:a7:ca:fc:8e:c0:38:a2:7b:09:28:
                    bf:de:54:96:5f:ad:f1:eb:c2:12:b2:2c:ef:b2:a8:
                    14:41:6b:30:43:e3:38:41:20:a5:82:71:42:69:08:
                    0f:57:17:79:58:ef:64:29:d4:c6:41:ad:cf:09:4a:
                    25:13:33:38:50:63:17:42:27:5a:3c:20:ab:52:9b:
                    23:80:d5:c6:e6:90:7d:d3:00:a5:55:af:a7:bf:41:
                    6b:be:5a:64:b0:a6:14:bf:00:95:f0:90:73:b1:aa:
                    4c:70:18:c2:ee:cd:3a:c0:cf:4b:8b:f7:af:e6:8c:
                    50:e6:ad:dc:20:95:9d:04:6c:e7:f3:02:bd:08:9a:
                    d7:06:82:70:b7:5c:bc:c0:45:4b:f6:31:92:c2:fb:
                    73:a0:4b:7e:f0:31:d9:17:52:89:e7:65:13:9d:c0:
                    c0:5d:30:2a:ee:85:38:f8:0a:c1:3d:6f:40:7d:0d:
                    f7:e5:9d:14:71:d5:71:10:da:78:51:08:52:b5:e7:
                    5d:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:16:34:99:EF:5F:EC:B5:D4:CB:82:43:0B:81:FB:3F:B0:2C:6F:F5
            X509v3 Authority Key Identifier:
                keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/bxY0me9f7LXUy4JDC4H7P7Asb_U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.141.208.0/22
                  45.150.8.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4b:7f:06:2f:c5:8e:0a:11:5e:8f:6c:01:bf:9a:f5:fc:6d:16:
         f9:36:a4:a8:c1:16:33:00:47:69:88:03:dd:b8:ec:28:50:a1:
         c7:f8:aa:4c:43:17:17:0e:7a:43:26:bb:cc:6f:b7:49:39:0e:
         73:67:ec:a7:98:c9:e8:74:18:9f:2a:16:15:f2:2c:94:8c:b5:
         3c:00:0d:22:d3:c5:ba:4e:d6:58:73:06:c8:c7:b0:a0:b9:89:
         7d:c4:40:9c:2d:3c:09:24:02:8f:cf:ec:16:7e:26:8c:dd:44:
         ac:14:f1:00:f2:37:6a:92:03:5f:77:95:db:45:d8:d8:a4:f7:
         9f:1c:5b:be:9c:38:54:6d:08:2e:e1:5b:44:9b:fc:6c:19:e1:
         78:3e:a4:62:ba:b9:84:df:b1:81:f3:13:88:fd:3a:2a:1c:61:
         8e:5d:7c:63:85:b3:06:4b:6a:18:9a:60:d8:94:d1:61:6a:06:
         85:67:04:09:ee:de:37:f8:c3:5b:b0:63:98:81:ee:36:af:fe:
         95:85:1c:59:5f:10:5f:89:b0:f9:67:dd:9f:32:4a:d6:71:37:
         47:13:44:5e:2b:33:a5:ea:a0:27:b7:93:35:bf:e8:8d:47:bb:
         86:0a:e3:2c:4c:86:80:7a:6e:ab:07:76:04:ab:fa:74:9f:ad:
         ea:94:8e:b4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY68cDYfXVv5xxBETpwm+9+8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjQwNDA4MDY0MDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjE2MzQ5OWVmNWZlY2I1ZDRjYjgyNDMwYjgxZmIzZmIwMmM2ZmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0YuXioLsjmtBdK2m3aAWPrK7VSx3
pAt0Y8KEr8cYZiZhoguWw9UuCgZ36JBoUA25Sl2VrT7uvfeJGQfX9OuJD6fK/I7A
OKJ7CSi/3lSWX63x68ISsizvsqgUQWswQ+M4QSClgnFCaQgPVxd5WO9kKdTGQa3P
CUolEzM4UGMXQidaPCCrUpsjgNXG5pB90wClVa+nv0FrvlpksKYUvwCV8JBzsapM
cBjC7s06wM9Li/ev5oxQ5q3cIJWdBGzn8wK9CJrXBoJwt1y8wEVL9jGSwvtzoEt+
8DHZF1KJ52UTncDAXTAq7oU4+ArBPW9AfQ335Z0UcdVxENp4UQhSteddhwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG8WNJnvX+y11MuCQwuB+z+wLG/1MB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvYnhZMG1lOWY3TFhVeTRKREM0SDdQN0FzYl9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLY3QAwQC
LZYIMA0GCSqGSIb3DQEBCwUAA4IBAQBLfwYvxY4KEV6PbAG/mvX8bRb5NqSowRYz
AEdpiAPduOwoUKHH+KpMQxcXDnpDJrvMb7dJOQ5zZ+ynmMnodBifKhYV8iyUjLU8
AA0i08W6TtZYcwbIx7CguYl9xECcLTwJJAKPz+wWfiaM3USsFPEA8jdqkgNfd5Xb
RdjYpPefHFu+nDhUbQgu4VtEm/xsGeF4PqRiurmE37GB8xOI/ToqHGGOXXxjhbMG
S2oYmmDYlNFhagaFZwQJ7t43+MNbsGOYge42r/6VhRxZXxBfibD5Z92fMkrWcTdH
E0ReKzOl6qAnt5M1v+iNR7uGCuMsTIaAem6rB3YEq/p0n63qlI60
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:23 2024 by rpki-client on console-fra.rpki-client.org